An aggregate of all of GoVanguard’s InfoSec & Cybersecurity related Posts, News, Threats and Data Feeds.

image
Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. The attacks were facilitated by scams targeting employees at GoDaddy, the world's largest domain name registrar, KrebsOnSecurity has learned. The incident is the latest incursion at GoDaddy that relied on tricking employees into transferring ownership and/or control over targeted domains to fraudsters. In March, a voice phishing scam targeting GoDaddy support employees allowed attackers to assume control over at least a half-dozen domain names, including transaction brokering site escrow.com. And in May of this year, GoDaddy disclosed that 28,000 of its customers' web hosting accounts were compromised following a security incident in Oct. 2019 that wasn't discovered until April 2020. This latest campaign appears to have begun on or around Nov. 13, with an attack on cryptocurrency trading platform liquid.com. "A domain hosting provider ‘GoDaddy' that manages one of our core domain names incorrectly transferred control of the account and domain to a malicious actor," Liquid CEO Kayamori said in a blog post. "This gave the actor the ability to change DNS records and in turn, take control of a number of internal email accounts. In due course, the malicious actor was able to partially compromise our infrastructure, and gain access to document storage." In the early morning hours of Nov. 18 Central European Time (CET), cyptocurrency mining service NiceHash…

Source

In brief

Please join us for a new weekly video series, hosted by Baker McKenzie’s North America Government Enforcement partners Tom Firestone and Jerome Tomas.

This weekly briefing is available on demand and will cover hot topics and current enforcement actions related to white collar crime and criminal investigations in the US and abroad to arm you with the information you need to start your business week.

As one of the largest global law firms, we will call upon our exceptionally deep and broad bench of white collar experts throughout the world and particularly in the commercial hubs of Europe, Asia, Africa and Latin America to join our weekly discussion series.

These briefings will cover:

  • High-profile DOJ case updates and implications
  • SEC enforcement developments
  • CFTC enforcement developments
  • Other white collar defense industry developments

16 November 2020

Video Link

9 November 2020

Video Link

26 October 2020

Video Link

19 October 2020

Video Link

5 October 2020

Video Link

29 September 2020

Video Link

8 September 2020

Video Link

24 August 2020

Video Link

17 August 2020

Video Link

10 August 2020

Video Link

3 August 2020

Video Link

27 July 2020

Video Link

20 July 2020

Video Link

13 July 2020

Video Link

6 July 2020

Video Link

29 June 2020

Video Link

22 June 2020

Video Link

17 June 2020

Video Link

9 June 2020

Video Link

26 May 2020

Video Link

The post United States: This Week in Government Enforcement appeared first on Global Compliance News.

Source

In brief

Please join us for a new weekly video series, hosted by Baker McKenzie’s North America Government Enforcement partners Tom Firestone and Jerome Tomas.

This weekly briefing is available on demand and will cover hot topics and current enforcement actions related to white collar crime and criminal investigations in the US and abroad to arm you with the information you need to start your business week.

As one of the largest global law firms, we will call upon our exceptionally deep and broad bench of white collar experts throughout the world and particularly in the commercial hubs of Europe, Asia, Africa and Latin America to join our weekly discussion series.

These briefings will cover:

  • High-profile DOJ case updates and implications
  • SEC enforcement developments
  • CFTC enforcement developments
  • Other white collar defense industry developments

16 November 2020

Video Link

9 November 2020

Video Link

26 October 2020

Video Link

19 October 2020

Video Link

5 October 2020

Video Link

29 September 2020

Video Link

8 September 2020

Video Link

24 August 2020

Video Link

17 August 2020

Video Link

10 August 2020

Video Link

3 August 2020

Video Link

27 July 2020

Video Link

20 July 2020

Video Link

13 July 2020

Video Link

6 July 2020

Video Link

29 June 2020

Video Link

22 June 2020

Video Link

17 June 2020

Video Link

9 June 2020

Video Link

26 May 2020

Video Link

The post United States: This Week in Government Enforcement appeared first on Global Compliance News.

Source

In brief

Please join us for a new weekly video series, hosted by Baker McKenzie’s North America Government Enforcement partners Tom Firestone and Jerome Tomas.

This weekly briefing is available on demand and will cover hot topics and current enforcement actions related to white collar crime and criminal investigations in the US and abroad to arm you with the information you need to start your business week.

As one of the largest global law firms, we will call upon our exceptionally deep and broad bench of white collar experts throughout the world and particularly in the commercial hubs of Europe, Asia, Africa and Latin America to join our weekly discussion series.

These briefings will cover:

  • High-profile DOJ case updates and implications
  • SEC enforcement developments
  • CFTC enforcement developments
  • Other white collar defense industry developments

16 November 2020

Video Link

9 November 2020

Video Link

26 October 2020

Video Link

19 October 2020

Video Link

5 October 2020

Video Link

29 September 2020

Video Link

8 September 2020

Video Link

24 August 2020

Video Link

17 August 2020

Video Link

10 August 2020

Video Link

3 August 2020

Video Link

27 July 2020

Video Link

20 July 2020

Video Link

13 July 2020

Video Link

6 July 2020

Video Link

29 June 2020

Video Link

22 June 2020

Video Link

17 June 2020

Video Link

9 June 2020

Video Link

26 May 2020

Video Link

The post United States: This Week in Government Enforcement appeared first on Global Compliance News.

Source

In brief

Please join us for a new weekly video series, hosted by Baker McKenzie’s North America Government Enforcement partners Tom Firestone and Jerome Tomas.

This weekly briefing is available on demand and will cover hot topics and current enforcement actions related to white collar crime and criminal investigations in the US and abroad to arm you with the information you need to start your business week.

As one of the largest global law firms, we will call upon our exceptionally deep and broad bench of white collar experts throughout the world and particularly in the commercial hubs of Europe, Asia, Africa and Latin America to join our weekly discussion series.

These briefings will cover:

  • High-profile DOJ case updates and implications
  • SEC enforcement developments
  • CFTC enforcement developments
  • Other white collar defense industry developments

16 November 2020

Video Link

9 November 2020

Video Link

26 October 2020

Video Link

19 October 2020

Video Link

5 October 2020

Video Link

29 September 2020

Video Link

8 September 2020

Video Link

24 August 2020

Video Link

17 August 2020

Video Link

10 August 2020

Video Link

3 August 2020

Video Link

27 July 2020

Video Link

20 July 2020

Video Link

13 July 2020

Video Link

6 July 2020

Video Link

29 June 2020

Video Link

22 June 2020

Video Link

17 June 2020

Video Link

9 June 2020

Video Link

26 May 2020

Video Link

The post United States: This Week in Government Enforcement appeared first on Global Compliance News.

Source

In brief

This client alert covers amendments to Law No.5 of 1999 on the Prohibition of Monopolistic Practices and Unfair Competition (the “Antimonopoly Law“) made by the Omnibus Law on Job Creation (the “Omnibus Law“), which was passed on 5 October 2020. The Omnibus Law is expected to take effect within 30 days, upon signing by the President.


Key Provisions

The Omnibus Law amends several provisions of the Antimonopoly Law:

  • Summary: Under the Antimonopoly Law, the Indonesia Competition Commission (the “ICC”), formerly known as the Business Competition Supervisory Commission (the “KPPU“), is authorized to impose administrative financial penalties, which has to-date been the most commonly imposed penalty. The decisions of the ICC are subject to appeal (keberatan) to the courts. In the past, the relevant court having jurisdiction over such appeals was the regular Pengadilan Negeri (State Court), which is the default court for most non-specialized legal cases. Under the Omnibus Law, the authority to decide such appeals has been transferred to the Pengadilan Niaga (the Commercial Court), a more specialized court which is more experienced in commercial affairs, though chiefly in relation to insolvency/bankruptcy and intellectual property disputes.
  • Appeals: The period during which the Commercial Court is required to issue its appeal decision has been deleted. The previous deadline was 30 days. However, under the current Supreme Court circular on appeals to ICC decisions, such appeals are limited to a summary review of the case documents produced at the ICC-level. It therefore remains unclear if this development will substantively improve an appellant’s opportunities to present its case to the court in practice.

The Omnibus Law eliminates the 30-day deadline for the Supreme Court to issue its decision at the cassation level, which is the next (after the Commercial Court) and final level of appeal against an ICC decision. This amendment serves to codify the current practice where the Supreme Court has routinely disregarded the cassation deadline stipulated in the Antimonopoly Law. As there is no higher court, the Supreme Court has been free to do this anyway.

  • Financial Penalty: Previously, the statutory maximum on financial penalties was set at IDR 25 billion. Pursuant to the amendments made by the Omnibus Law, the statutory maximum has now been deleted, subject to an upcoming government regulation which is expected to generally set out how the financial penalty will be calculated. This raises a number of questions. First and foremost, will there be a limit at all on the maximum amount of financial penalties that the ICC may impose? It is unclear if the government regulation will impose an upper limit on financial penalties. Secondly, what levels of financial penalty should the ICC apply before said regulation is issued? By way of analogy, in the past, the Supreme Court once ruled that the KPPU cannot impose financial penalties for infringements relating to merger control because the relevant government regulation on the thresholds for merger filings had not yet been issued. On this basis, it may be that the previous statutory maximum will continue to apply in practice, until the government regulation is issued.
  • Other Penalties: Interestingly, based on the text of the Omnibus Law, all other penalties under the Antimonopoly Law will also be subject to further government regulation. This includes penalties that remain unchanged by the Omnibus Law, such as awards of damages to harmed parties, orders to cease offending actions and nullifications of violating contracts. The Government will have a wide say on how these penalties should be applied. Previously, the ICC made its own policy on penalties. Now, it will have to take into account the Government’s view although it will continue to retain its independence to decide on individual cases.
  • Decriminalization: Finally, pursuant to the Omnibus Law, most of the criminal sanctions under the Antimonopoly Law have been repealed. The exception is the penalty for the crime of obstructing an ICC investigation – this is now subject to a fine of up to IDR 5 billion or one year detention in lieu of fine. This amendment under the Omnibus Law essentially codifies current practice, under which criminal prosecution for violations of the Antimonopoly Law were practically non-existent.

Overall, these amendments present significant new considerations for companies when assessing the practical risks that may arise from a violation of the Antimonopoly Law. Generally, this risk has increased due to the elimination of the statutory maximum for administrative fines. Whether such risks may yet be mitigated by the upcoming Government Regulation on the imposition of financial penalties remains to be seen. We will provide you with further updates as they develop.

The post Indonesia: Omnibus Law and Competition – Higher Administrative Penalties and Decriminalization appeared first on Global Compliance News.

Source

image
A spike in recent phishing and business email compromise (BEC) attacks can be traced back to criminals learning how to exploit Google Services, according to research from Armorblox. Social distancing has driven entire businesses into the arms of the Google ecosystem looking for a reliable, simple way to digitize the traditional office. Armorblox co-founder and head of engineering Arjun Sambamoorthy just published a report detailing how now-ubiquitous services like Google Forms, Google Docs and others are being used by malicious actors to give their spoofing attempts a false veneer of legitimacy, both to security filters and victims. “Open APIs, extensible integrations and developer-friendly tools mean that entire virtual offices — complete with virtual workflows — can exist in a Google ecosystem,” Sambamoorthy wrote. “Unfortunately, Google’s open and democratized nature is being exploited by cybercriminals to defraud individuals and organizations of money and sensitive data.” The report gives several specific examples of how Google Services help attackers with their schemes. Google Forms One campaign used a Google Form and an American Express logo to try and get victims to enter sensitive information. “Hosting the phishing page on a Google Form helps the initial email evade any security filters that block known bad links or domains,” according to Sambamoorthy. “Since Google’s domain is inherently trustworthy, and Google forms are used for several legitimate reasons, no…

Source

image
VMware has hurried out fixes for a critical flaw in its ESXi hypervisor, a few weeks after it was found during China’s Tianfu Cup hacking competition. The use-after-free vulnerability (CVE-2020-4004) has a CVSS score of 9.3 out of 10, making it critical. It exists in the eXtensible Host Controller Interface (xHCI) USB controller of ESXi. XHCI is an interface specification that defines a register-level description of a host controller for USB. According to VMware in a Thursday advisory, “a malicious actor with local administrative privileges on a virtual machine may exploit this issue.” The attacker would then be able to execute code as the virtual machine’s Virtual Machine Executable (VMX) process running on the host, said VMware’s advisory. The VMX process runs in the VMkernel and is responsible for handling I/O to devices that are not critical to performance. Xiao Wei and Tianwen Tang (VictorV) of the Qihoo 360 Vulcan Team were credited with discovering the flaw, which they found at the 2020 Tianfu Cup Pwn Contest. While further details of the bug – and the exploit – were not disclosed, according to the Tianfu Cup’s Twitter account, the team “got the root of the host OS with one shot.” The Tianfu Cup is a popular ethical hacking contest that took place earlier in November. 360 ESG Vulnerability Research Institute is the only team to run the entry on VMware ESXi today. @XiaoWei___ @vv474172261 got the root of the host OS with one shot. Congrats! — TianfuCup (@TianfuCup)…

Source

image
The Christian faith app Pray.com has leaked private data for up to 10 million people, according to researchers. The app offers “daily prayer and Bible stories to inspire, educate and help you sleep” on a subscription basis. Subscriptions run anywhere from $50 to $120. It offers a host of audio content, including services from televangelists like Joel Osteen, and religious recordings using celebrity voices like Kristin Bell and James Earl Jones. It has been downloaded by more than 1 million people on Google Play, and ranks as the #24 lifestyle app in the Apple App store. vpnMentor analysts found several open, publicly accessible cloud databases (Amazon Web Services S3 buckets, in this case) belonging to Pray.com, containing 1.9 million files – about 262 GB worth of data. Most of this was internal information, but one of the buckets contained concerning data, the researchers said. 80,000 files contained various personal identifiable information (PII) for tens of millions of people – and not just from Pray.com users. These included photos uploaded by the app’s users (profile photos and avatars for Pray.com’s private “Communities” social network), including those of minors. And, the files included CSV files from churches that use the app to communicate with their congregations, the investigation found. These files contained lists of the church’s attendees, with information for each churchgoer that included names, home and email addresses, phone numbers and marital status. The…

Source

image
Just as seasonal online shopping kicks into high gear, new variants of the point-of-sale Grelos skimmer malware have been identified. Variants are targeting the payment-card data of online retail shoppers on dozens of compromised websites, researchers warn. The Grelos skimmer malware has been around since 2015, and its original version is associated with what are called Groups 1 and 2 under the prolific Magecart umbrella of loosely organized cybercriminals. However, over time new actors began to co-opt the Grelos skimmer and reuse some of the original domains used to host the malware. This has accumulated into what researchers say is a unique overlap in infrastructure for the most recent variants of the skimmer between Grelos and Magecart. In a new analysis, researchers said that a cookie found on a compromised website led to the discovery of Grelos – and they were then able to find links between new variants because they had matching infrastructure and identical records on the WHOIS query and response protocol (widely used for querying databases). “Recently, a unique cookie allowed RiskIQ researchers to connect a recent variant of this skimmer to an even newer version that uses a fake payment form to steal payment data from victims,” said researchers with RiskIQ in an analysis this week. “Domains related to this cookie have compromised dozens of sites so far.” The Skimmer Variant The new variants of the skimmer first appeared when researcher Affable Kraut documented it…

Source